[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ga] Registration process suggestion



Roeland,

  Isn't this really besides the point given recent events with respect
to act and evidence provide (Huge amounts) by Bob Davis
and James Touton  via Haralds recent post: 
http://www.dnso.org/clubpublic/ga/Arc03/msg01437.html ?
Sure seems like it to me.  That is just MHO, maybe I am wrong.

Dillon Marshall Esq.

In a message dated 2/14/00 11:31:41 AM Pacific Standard Time, rmeyer@mhsc.com 
writes:

<< > From: owner-ga@dnso.org [mailto:owner-ga@dnso.org]On Behalf Of Dave
 > Crocker
 > Sent: Saturday, February 12, 2000 1:38 PM
 >
 > At 05:15 PM 2/10/2000 -0800, Roeland M.J. Meyer wrote:
 > > > From: owner-ga@dnso.org On Behalf Of Dave Crocker
 
 > > > Although the formal cert developers understand the issue of
 > certs needing
 > > > to be defined carefully, so that different criteria are applied in
 > > > assigning different kinds of certs, there is no large scale use
 > > > of certs as a basis for distinguishing individuals.
 > >
 > >Actually, there is, if you go to the Thawte web-site. The question is if
 >
 > I did not say that no mechanisms or services existed.  I said
 > there was no
 > large-scale USE.
 
 Without marketing/demographics data, which neither of us are either privy to
 (or are free to publish) your statement is unsupported. I still maintain
 that it is false (understood - such statement is equally unsupported).
 However, you might try Forrester's.
 
 >  In this case, large-scale refers both to numbers and
 > diversity of the user base.  Thawte is fine for geeks, but the entire
 > system (of which Thawte is a part) is not viable for typical,
 > non-technical
 > users.  It is far to complicated.
 
 I think that Thawte is doing an admirable job in end-user education. Moreso
 than Verisign is. It is a complex topic.
 
 > > > For that matter, there is no large scale use of certs.
 > >
 > >Go to ANY eCommerce web-site and you will find an SSL cert, at least one.
 > >You will also, on many of them, find TLS capability.
 >
 > Such certs are, at most, for the vendor.  Not the consumer.  A
 > registration/voting system as being discussed here needs persona- (not
 > email-) based certs for the users, not the providers.
 
 I agree with the non-email requirement (email vs persona). It is also a
 problem with PGP. PGP only secures the individual message. With a PKI,
 it -might- also provide verification of the end-points of a communique.
 However, verifying the source is light-years removed from verifying the
 identity of the source. One can use PGP and still remain anonymous. What's
 missing here is a determination of what an identity is defined as.
 
 > > > For that matter, there is no large scale use of open, encrypton-based
 > > > authentication services.
 > >
 > >This is true, iff you emphasize the term "open".
 >
 > That is exactly the point.  ICANN participation is open.
 
 ... apples and oranges, Dave. ICANN is not a technology and authentication
 services are not a would-be governance organization.
 
 > > > And that's the problem.  All of this technology-iriented
 > discussion, for
 > > > solving the registration problem, is being conducted without
 > attending to
 > > > the raw fact that the technology has not already been deployed
 > > > and used on very wide scale.
 > >
 > >This is false (see above).
 >
 > It is not false.  (See above.)
 
 We disagree?!?!? Nahhhh....
 
 > > > PGP advocates might disagree about large scale authentication
 > activities,
 > > > but that is an example of the problem, rather than a counter
 > to it.  Both
 > > > PGP and S/Mime are still human factors problems for average users.
 > >
 > >and here is another problem that I can agree with. PGP needs a PKI and is
 > >not server-based. SSL/TLS is server-based, but you have to roll your own
 >
 > Modern PGP implementations use servers that are, effectively, the same as
 > PKI servers.
 
 I was speaking more towards TLS, in conjunction with a CSP.
 
 --
 This message was passed to you via the ga@dnso.org list.
 Send mail to majordomo@dnso.org to unsubscribe
 ("unsubscribe ga" in the body of the message).
 Archives at http://www.dnso.org/archives.html
 
  >>
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html